<?php
include "../fun.php";
isLogin();
$db=conndb();

$oldPassword=base64_encode($_POST["oldPassword"]);
$password=base64_encode($_POST["password"]);
$repassword=base64_encode($_POST["repassword"]);

$realname=$_SESSION["realname"];
$sql="select * from user where realname='{$realname}'";
$res=query1($db,$sql,false);
$oldPwd=$res["password"];
if ($oldPassword!=$oldPwd) {
    echo json_encode(["code"=>1,"msg"=>"当前密码不正确"],JSON_UNESCAPED_UNICODE);
}else if ($password=='') {
    echo json_encode(["code"=>1,"msg"=>"新密码不能为空"],JSON_UNESCAPED_UNICODE);
}else if ($password!=$repassword) {
    echo json_encode(["code"=>1,"msg"=>"新密码与确认密码不一致"],JSON_UNESCAPED_UNICODE);
}else{
    $update_sql="update user set password='${password}' where realname='${realname}'";
    // echo $update_sql;
    $db->exec($update_sql);
    echo json_encode(["code"=>0,"msg"=>"密码修改成功"],JSON_UNESCAPED_UNICODE);
}
session_destroy();
?>